package cc.liyinghao.springsecuritydemo.controller;


import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequiredArgsConstructor
@Tag(name = "基于权限接口")
public class AuthorityController {

    @GetMapping("/hello_user_view")
    @PreAuthorize("hasAuthority('user:view')")
    @Operation(summary = "需要user_view权限")
    public String admin() {
        return "user_view";
    }

    @GetMapping("/hello_user_edit")
    @PreAuthorize("hasAuthority('user:edit')")
    @Operation(summary = "需要user_edit权限")
    public String userEdit() {
        return "user_edit";
    }
}
